diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2012-07-31 22:25:54 -0300 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2012-08-02 17:14:30 -0300 |
commit | 28f2c6f4037081da0a82104a3f473165ed4ed2ce (patch) | |
tree | a511eac32c29cf7f9612b6691ac15ac558c5bd77 /activesupport/test/multibyte_conformance.rb | |
parent | 9c1b1bd42ce00d43b7894daaf096eff9ee55aef1 (diff) | |
download | rails-28f2c6f4037081da0a82104a3f473165ed4ed2ce.tar.gz rails-28f2c6f4037081da0a82104a3f473165ed4ed2ce.tar.bz2 rails-28f2c6f4037081da0a82104a3f473165ed4ed2ce.zip |
html_escape should escape single quotes
https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
Closes #7215
Conflicts:
actionpack/test/template/erb_util_test.rb
actionpack/test/template/form_tag_helper_test.rb
actionpack/test/template/text_helper_test.rb
actionpack/test/template/url_helper_test.rb
activesupport/lib/active_support/core_ext/string/output_safety.rb
Diffstat (limited to 'activesupport/test/multibyte_conformance.rb')
0 files changed, 0 insertions, 0 deletions